We don't support running under a security manager. Lots of permissions
needed, and the code isn't segmented properly with doPrivileged()
blocks. That could change, but for now that's how it is...
George, as far as your situation goes, it sounds rather unique. Your
best bet would be to turn on JPDA debugging and put a breakpoint in
the AuthorizationManager code. That will tell you FOR SURE what is
going on. If you are up for that, I can help you, but you've got to
know your way around Eclipse.
Andrew
On Apr 1, 2011, at 5:56, Florian Holeczek <[email protected]> wrote:
Uhm, wait... AFAIK we don't support running under a security manager!
@Janne, Andrew: Has that changed?
Regards
Florian
----- Ursprüngliche Mail -----
Von: "Joseph Mocker" <[email protected]>
An: [email protected]
Gesendet: Freitag, 1. April 2011 00:23:01
Betreff: Re: Profile Security NOT WORKING!!!
Not sure the inner workings of how JSPWiki uses jspwiki.properties,
but
you could try turning on Java security manager debugging and see if
that
shows up anything. Check out the trouble shooting section of
http://tomcat.apache.org/tomcat-6.0-doc/security-manager-
howto.html
Also, does jspwiki.log show anything?
Have you looked through all applicable log files for signs of
exceptions
or other errors?
--joe
On 3/31/2011 2:49 PM, George, Kenneth V [NTK] wrote:
That's fine, and I don't necessarily disagree with you.
However, although I am running as root (which I probably should not
be - but this is a simple install), I have not changed any of the
env. values out-of-the-box for CENTOS 5.5. Other than me
specifying JAVA_HOME, no other env. variable is being set. What is
very strange about this, is that is happens exactly the same on 2
different machines, using 2 different OS'es, and 2 slightly
different JDK's.
Just for grins, I re-tested again on the Windows installation
(Tomcat 6.0.32, JDK 1.6.0_24/1.5.0_32).
After running the Security Configuration Verification page, I still
get ALL GREENS for JDK 1.6 and mixed GREEN/RED for JDK 1.5.
-----Original Message-----
From: Joseph Mocker [mailto:[email protected]]
Sent: Thursday, March 31, 2011 3:27 PM
To: [email protected]
Subject: Re: Profile Security NOT WORKING!!!
Are there freshly installed JDKs and servers, user accounts?
Are you using JDKs provided by the Linux distro or one you
downloaded separately from Oracle?
(Its always possible that there is some configuration anywhere in
the above that is interfering with reading jspwiki.policy.)
What do the user environment variables look like when you start
tomcat?
Do you have any special CATALINA_OPTS or JAVA_OPTS defined in
catalina.sh?
It would appear to be something in your environment, as Janne,
myself and others all have been successful so its got to be
something in your environment, just need to find it.
FWIW: I installed tomcat6 ubuntu dist (via apt-get tomcat6) which
also installed OpenJDK, also worked for me.
--joe
On 3/31/2011 12:34 PM, George, Kenneth V [NTK] wrote:
Thanks for taking the time to research all of this.
I am not sure why things are not working for me with 2 different
machines and flavors 1.6 JDK (which is very frustrating since I
think 1.5 is about to go the way of 1.4 - eol).
I enabled the SecurityConfig.jsp and was able to show using 1.6
and Tomcat 6.0.32 I would get ALL GREEN boxes no matter what I
would set jspwiki.policy to, and would get a mix of GREEN and RED
using 1.5.
I was thinking that maybe I should d/l the source and try to build
the JSPWiki.jar file using 1.6 and see if I get different
results. Just not sure.
From: Joseph Mocker [mailto:[email protected]]
Sent: Thursday, March 31, 2011 2:16 PM
To: [email protected]
Subject: Re: Profile Security NOT WORKING!!!
All this commotion got the best of me, so I gave it a spin. Plus
I'm running 2.4 and I probably should really upgrade.
At any rate, seemed to work for me, here's what I did:
1. Spun up a new Ubuntu Server 10.10 X64 VM
2. Created install folder /app
3. Downloaded JDK 1.6.0_24 X64 from Oracle
4. Installed Java into /app/jdk1.6.0_24
5. export JAVA_HOME=/app/jdk1.6.0_24
6. Downloaded Tomcat 6.0.32
7. Installed Tomcat in /app/web/apache-tomcat-6.0.32
8. Started up Tomcat to make sure its working. It was. Shut it
down.
9. Downloaded JSPWiki 2.8.4
10. Installed JSPWiki into /app/web/sites/default/webapps/wiki
11. Installed corepages into /app/web/sites/default/webapps/wiki
12. Edited jspwiki.properties to fix paths for pageDir and
storageDir
13. Created Tomcat webapp descriptor in /app/web/apache-
tomcat-6.0.32/conf/Catalina/localhost/wiki.xml (attached)
14. Started up Tomcat hit the /wiki/Installer.jsp page in
browser.
15. Restarted Tomcat. Verified I could create files as
anonymous, and I could login to admin account.
16. Changed WEB-INF/jspwiki.policy (attached) file so that only
logged in users can create/modify pages.
17. Restarted Tomcat. Verified I could not created/modify pages
until I logged in.
Seemed pretty straight forward to me. Much easier than getting
JSPWiki 2.4 with a custom jspwiki.policy to work with Sun Java
System Web Server 7.0.
:-)
The Security Configuration Verifier showed the exact permissions
of what I could do.
--joe
On 3/31/2011 6:28 AM, George, Kenneth V [NTK] wrote:
...AND...on my test machine (local) I am using 1.6.0_24
C:\Documents and Settings\kvg6037>java -version
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07)
Java HotSpot(TM) Client VM (build 19.1-b02, mixed mode, sharing)
-----Original Message-----
From: Janne Jalkanen [mailto:[email protected]]
Sent: Thursday, March 31, 2011 1:42 AM
To:
[email protected]<mailto:[email protected]
.org>
Subject: Re: Profile Security NOT WORKING!!!
This is odd, since I'm running on same JSPWiki, Ubuntu 10.04,
Tomcat 6.0.32 (which is BTW a recommended upgrade; Chrome 10
breaks on occasion otherwise), and I have jspwiki.policy working.
However, I am running OpenJDK 6b20-1.9.7-0ubuntu1~10.04.1.
Is it possible that for some reason Sun JDK's built-in policy
management is kicking in here? Or that it might just be broken in
some odd fashion. Can you try OpenJDK and see if that works for you?
/Janne
________________________________
This e-mail may contain Sprint Nextel proprietary information
intended for the sole use of the recipient(s). Any use by others
is prohibited. If you are not the intended recipient, please
contact the sender and delete all copies of the message.
________________________________
This e-mail may contain Sprint Nextel proprietary information
intended for the sole use of the recipient(s). Any use by others is
prohibited. If you are not the intended recipient, please contact
the sender and delete all copies of the message.
